* a preparation I made last month but wasn't able to finish, here it is anyhow

RFC 1996 (DNS Notify) support, this couldn't be fully tested on IPv6 since I lack a master on IPv6. Tested on FreeBSD 10, OpenBSD 5.5

* NAPTR (RFC 2915) support * while there I did some checking against replysize for large packets in reply_* instead of UDP_MAXSIZE * the NAPTR pointers take up 20KB more per record, so if you got 200 records your database will grow by roughly 4 MB

* Fix up some previous made mistakes regarding EDNS0 * This should _hopefully_ complete EDNS0 support (receive and send) * relevant RFC's are RFC 6891 and RFC3225

* RFC 3225 (Indicating Resolver Support of DNSSEC) support * this is a fixup to last commit to show edns0 queries when they are done with the DO bit set. tested on OpenBSD

* first steps at EDNS0 support, this just detects an EDNS0 request but doesn't reply in that fashion. * EDNS0 is RFC 6891 * while there I think I fixed a bug that would have allowed compressed names the check was in a wrong spot, please correct me if I'm wrong.

* The SSHFP is not a hex representation inside the record, but a binary one This fixes SSHFP

* add comments for rfc 4255 and rfc 6594

* SSHFP support (RR# 44) RFC 4255 This supports SHA1 and SHA256 fingerprints * instead of replying from an area on the stack, move it to the heap This fixes truncation between udp and tcp queries. Tested on OpenBSD

* SPF (RR 99) rfc 4408 support tested on OpenBSD

* reflect the year 2014 in the copyright

* update my copyright to include the year 2013

* SRV RR support The srv configfile sample would look like this: ; srv record test,srv,3600,0,0,0,. The first three values after the TTL are in order, priority, weight and port followed by a domain name. Much of this code is based on reply_mx() so any bugs carried over would be carried over. Tested and compiled on OpenBSD/amd64

* in dns.h add a TSIG type, something on what's to come perhaps * in parse.c fix a nasty bug that popped up on OpenBSD/macppc basically the ns and rp entries in the SOA were 0 due to an integer overflow in the parsing, this caused erroneous ANY packets and AXFR's which use the same code. compiles and tested on OpenBSD/macppc and OpenBSD/i386

* rudamentary IXFR support. Now bind9 doesn't need any options telling it to use only AXFR. Basically hardly any code change, we never increment change anyhow (yet) so we dump the entire zone when it's requested.

Change to berkeley db 4.6+, this allows us to use shared sysv memory needed to have multiple server instances that do recursing. The database is now on disk with this change, with a 260KB (default) SYSV shared memory cache. The cache size can be tweaked with the newly added -c flag. The OS has upper limits for SYSV shared memory though and the -c value must account for 25% more for internal purposes. Revert db.h struct domain to static arrays instead of pointers, this is necessary because we want to use shared memory between the database. This reverts revision 1.13 of db.h which was commited on Sun Mar 28 20:18:26 2010 UTC. So far wildcarddnsd has been extremely stable with the pointers, I'm hoping we'll get this much stability back. Added passive AXFR code. The axfr server does NOT bind to port 53 but rather another port, luckily that is configurable with other nameservers like BIND9. BIND nameservers wanting to make use of a wildcarddnsd master should turn IXFR queries off. Fix a small error that would bring wildcarddnsd to a SIGSEGV due to doing an FD_ISSET() on a non-descriptor. This only happens when one doesn't have the logging system turned on so it took a while for me to find it. Added the -n flag which allows multiple forked copies of wdnsd to be started. This is similar to how apache 1.3 web server does it.

* bump copyright date to include 2011

* The ANY type support per request by Alexander Dzuba. * this type only supports A RR's for now and needs testing, first commit in a series. compiles on OpenBSD, replies to any requests

* add the beginning part of recurse_parse based on compress_label() * add more macros to unset flags in a packet

* add a root "hint" RR, much like in BIND this is for the DNS root database a "hint" is like a "ns" RR only that it's never authoritative * fix a bug introduced in reply.c version 1.11 where in reply_ns() only 5 NS hosts could be served instead of 10. * instead of 10 RR's allow 20 and alias this as RECORD_COUNT, this allows all 13 root nameservers to be served now. * in reply_ns() compress NS answers, which we didn't do before.

* "delegate" records, these are ns records but intended for delegation which reply a NS differently than just a zones NS records. This problem was reported by Evgeniy Bogdanov last October, and I finally got the fix/time now. * Fix a few ntohs() to htons(). The problem wasn't seen on little endian machines but may have caused problems on big endian machines. I don't know. I just noticed this per eyeball, now.

* part 1 of merging TTLPATCH branch to HEAD

* just label this nameerr as nxdomain for less confusion

* copyright 2009

* tags, rcscmd's, more README stuff, licensing updates